Firewall Wizards mailing list archives
Re: Active-content filtering (was RE: Buffer Overruns)
From: Crispin Cowan <crispin () cse ogi edu>
Date: Wed, 29 Dec 1999 18:15:31 +0000
Dorian Moore wrote:
Ultimately users need to understand that what they are downloading from a site isn't just information, but is also potentially a program which affects how their system works - and can have a negative effect on their system.
Ultimately what I want designers to understand that some users will choose *not* to download the program part. If the web site does not work without the program part, then it is *broken*. It is as badly broken as it is if it *only* works on IE or only on Netscape.
In the same way users have to be educated that files that they are emailed, or files that they received on zip/floppy/syquest/dat/memory stick or any other transfer format, can be bad as well as good. I think its a good state for mankind to have (in general) trust in what goes on around them ... if it wasn't for those pesky kids.
If we succeed in educating users about this danger, then most of them will turn it off most of the time, and as a result most of the web sites that depend on scripting for functionality will be revealed to be broken.
client side scripting has been a race forced by consumer and commercial desire (with a bit of microsoft vs netscape competition thrown in for good measure).
I actually think it was the opposite. Scripting was introduced mostly through MS vs. NS competition, and customer demand appeared only after the shiny blinking lights were waved in front of the customers. Blinking lights WITHOUT benefit of a "surgeon general's warning" :-(
As a developer within that field I often argue away from the use of these technologies :
Excellent! My favorite kind of designer.
but ultimately the people want it, and
*Executives* want it. Perhaps that is where we should place our emphasis: educating executive decision makers on the serious downside to mandating lots of blinkin lights.
I think you've got a confusued issue here. The new york times is a website providing content for free, that they have to spend time and
No, the NYT provides content for free because of the advertising revenue they get from the hit counts and click throughs. When a user browses nyt.com, they are bartering the "free" content for the "free" attention span spent on the banners. It is a very mercantile exchange, and therefore the browser is a customer of the Times, even if they did not pay in cash. As such, customers are entitled to bitch about the poor quality of the product, including bogus scripting requirements. Crispin ----- Crispin Cowan, CTO, WireX Communications, Inc. http://wirex.com Free Hardened Linux Distribution: http://immunix.org
Current thread:
- Re: Active-content filtering (was RE: Buffer Overruns), (continued)
- Re: Active-content filtering (was RE: Buffer Overruns) Crispin Cowan (Dec 22)
- Re: Active-content filtering (was RE: Buffer Overruns) David Lang (Dec 23)
- Re: Active-content filtering (was RE: Buffer Overruns) Hazel A. Borg (Dec 24)
- Re: Active-content filtering (was RE: Buffer Overruns) Crispin Cowan (Dec 26)
- Re: Active-content filtering (was RE: Buffer Overruns) Joseph S D Yao (Dec 28)
- Re: Active-content filtering (was RE: Buffer Overruns) Neil Ratzlaff (Dec 22)
- RE: Active-content filtering (was RE: Buffer Overruns) fernando_montenegro (Dec 26)
- Re: Active-content filtering (was RE: Buffer Overruns) Crispin Cowan (Dec 26)
- Re: Active-content filtering (was RE: Buffer Overruns) Jody C. Patilla (Dec 28)
- Re: Active-content filtering (was RE: Buffer Overruns) Dorian Moore (Dec 30)
- Re: Active-content filtering (was RE: Buffer Overruns) Crispin Cowan (Dec 30)
- Re: Active-content filtering (was RE: Buffer Overruns) Crispin Cowan (Dec 26)
- Re: Active-content filtering (was RE: Buffer Overruns) Crispin Cowan (Dec 22)